Adoptable Cookbooks List

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

The system running this cookbooks should have a role named 'monitoring' so that NRPE clients can authorize monitoring from that system. This role name is configurable via an attribute. See Attributes below.

Platform

Notes: This cookbook has been tested on the listed platforms. It may work on other platforms with or without modification.

Cookbooks

apache2 2.0 or greater

build-essential

nginx

nginx_simplecgi

php

yum-epel (note: this requires yum cookbook v3.0, which breaks compatibility with many other cookbooks)

Attributes

config

The config file contains the Nagios configuration options. Consult the nagios documentation for available settings and allowed options. Configuration entries of which multiple entries are allowed, need to be specified as an Array.

node['nagios']['multi_environment_monitoring'] - Chef server will monitor hosts in all environments, not just its own, default 'false'

node['nagios']['monitored_environments'] - If multi_environment_monitoring is 'true' nagios will monitor nodes in all environments. If monitored_environments is defined then nagios will monitor only hosts in the list of environments defined. For ex: ['prod', 'beta'] will monitor only hosts in 'prod' and 'beta' chef_environments. Defaults to '[]' - and all chef environments will be monitored by default.

node['nagios']['monitoring_interface'] - If set, will use the specified interface for all nagios monitoring network traffic. Defaults to nil

node['nagios']['exclude_tag_host'] - If set, hosts tagged with this value will be excluded from nagios monitoring. Defaults to ''

node['nagios']['server']['install_method'] - whether to install from package or source. Default chosen by platform based on known packages available for Nagios: debian/ubuntu 'package', redhat/centos/fedora/scientific: source

node['nagios']['server']['install_yum-epel'] - whether to install the EPEL repo or not (only applies to RHEL platform family). The default value is true. Set this to false if you do not wish to install the EPEL RPM; in this scenario you will need to make the relevant packages available via another method e.g. local repo, or install from source.

node['nagios']['server']['service_name'] - name of the service used for Nagios, default chosen by platform, debian/ubuntu "nagios3", redhat family "nagios", all others, "nagios"

node['nagios']['http_port'] - port that the Apache/Nginx virtual site should listen on, determined whether ssl is enabled (443 if so, otherwise 80). Note: You will also need to configure the listening port for either NGINX or Apache within those cookbooks.

node['nagios']['server_name'] - common name to use in a server cert, default "nagios"

node['nagios']['server']['server_alias'] - alias name for the webserver for use with Apache. Defaults to nil

node['nagios']['ssl_req'] - info to use in a cert, default /C=US/ST=Several/L=Locality/O=Example/OU=Operations/CN=#{node['nagios']['server_name']}/emailAddress=ops@#{node['nagios']['server_name']}

node['nagios']['server']['url'] - url to download the server source from if installing from source

node['nagios']['server']['version'] - version of the server source to download

node['nagios']['server']['checksum'] - checksum of the source files

node['nagios']['server']['patch_url'] - url to download patches from if installing from source

node['nagios']['server']['patches'] - array of patch filenames to apply if installing from source

node['nagios']['conf']['enable_notifications'] - set to 1 to enable notification.

node['nagios']['check_external_commands']

node['nagios']['default_contact_groups']

node['nagios']['sysadmin_email'] - default notification email.

node['nagios']['sysadmin_sms_email'] - default notification sms.

node['nagios']['server_auth_method'] - authentication with the server can be done with openid (using apache2::mod_auth_openid), cas (using apache2::mod_auth_cas),ldap (using apache2::mod_authnz_ldap), or htauth (basic). The default is htauth. "openid" will utilize openid authentication, "cas" will utilize cas authentication, "ldap" will utilize LDAP authentication, and any other value will use htauth (basic).

node['nagios']['cas_login_url'] - login url for cas if using cas authentication.

node['nagios']['cas_validate_url'] - validation url for cas if using cas authentication.

node['nagios']['templates'] - These set directives in the default host template. Unless explicitly overridden, they will be inherited by the host definitions for each discovered node and nagios_unmanagedhosts data bag. For more information about these directives, see the Nagios documentation for host definitions.

node['nagios']['hosts_template'] - Host template you want to inherit properties/variables from, default 'server'. For more information, see the nagios doc on Object Inheritance.

node['nagios']['interval_length'] - minimum interval.

node['nagios']['brokers'] - Hash of broker modules to include in the config. Hash key is the path to the broker module, the value is any parameters to pass to it.

Recipes

default

Includes the correct client installation recipe based on platform, either nagios::server_package or nagios::server_source.

The server recipe sets up Apache as the web front end by default. This recipe also does a number of searches to dynamically build the hostgroups to monitor, hosts that belong to them and admins to notify of events/alerts.

Searches are confined to the node's chef_environment unless multi-environment monitoring is enabled.

The recipe does the following:

Searches for users in 'users' databag belonging to a 'sysadmin' group, and authorizes them to access the Nagios web UI and also to receive notification e-mails.

Searches all available roles/environments and builds a list which will become the Nagios hostgroups.

Places nodes in Nagios hostgroups by role / environment membership.

Installs various packages required for the server.

Sets up configuration directories.

Moves the package-installed Nagios configuration to a 'dist' directory.

server_package

server_source

Installs the Nagios server from source. Default for Red Hat / Fedora based systems as native packages for Nagios are not available in the default repositories.

pagerduty

Installs pagerduty plugin for nagios. If you only have a single pagerduty key, you can simply set a node['nagios']['pagerduty_key'] attribute on your server. For multiple pagerduty key configuration see Pager Duty under Data Bags.

This recipe was written based on the Nagios Integration Guide from PagerDuty which explains how to get an API key for your Nagios server.

Data Bags

Pager Duty

You can define pagerduty contacts and keys by creating nagios_pagerduty data bags that contain the contact and
the relevant key. Setting admin_contactgroup to "true" will add this pagerduty contact to the admin contact group
created by this cookbook.

Usage

server setup

Create a role named 'monitoring', and add the nagios server recipe to the run_list. See Monitoring Role above for an example.

Apply the nrpe cookbook to nodes in order to install the NRPE client

By default the Nagios server will only monitor systems in its same environment. To change this set the multi_environment_monitoring attribute. See Attributes

Create data bag items in the users data bag for each administer you would like to be able to login to the Nagios server UI. Pay special attention to the method you would like to use to authorization users (openid or htauth). See Users and Atttributes

At this point you now have a minimally functional Nagios server, however the server will lack any service checks outside of the single Nagios Server health check.

defining checks

NRPE commands are defined in recipes using the nrpe_check LWRP provider in the nrpe cookbooks. For base system monitoring such as load, ssh, memory, etc you may want to create a cookbook in your environment that defines each monitoring command via the LWRP.

With NRPE commands created using the LWRP you will need to define Nagios services to use those commands. These services are defined using the nagios_services data bag and applied to roles and/or environments. See Services

enabling notifications

You need to set default['nagios']['notifications_enabled'] = 1 attribute on your Nagios server to enable email notifications.

For email notifications to work an appropriate mail program package and local MTA need to be installed so that /usr/bin/mail or /bin/mail is available on the system.

License & Authors

Copyright 2009, 37signals
Copyright 2009-2013, Chef Software, Inc
Copyright 2012, Webtrends Inc.
Copyright 2013-2014, Limelight Networks, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Improvement

Cleaned up and removed duplicate code from the web server configuration

New Features

Added the ability to tag nodes with an attribute that excludes them from the monitoring search. See readme for details

Breaking Changes

The /nagios or /nagios3 URLs are no longer valid. Nagios should be installed on the root of the webserver and this never entirely worked

Development

Updated Rubocop rules

Fixed specs to run with Chefspec 4.X

v6.0.4

Bug

Fix normalized hostnames not normalizing the hostgroups

Don't register the service templates so that Nagios will start properly

Require Apache2 cookbook version 2.0 or greater due to breaking changes with how site.conf files are handled

Improvement

Added additional options for perfdata

New Feature

Added the ability to specify a URL to download patches that will be applied to the source install prior to compliation

v6.0.2

Bug

Remove .DS_Store files in the supermarket file that caused failures on older versions of Berkshelf

v6.0.0

Breaking changes

NRPE is no longer installed by the nagios cookbook. This is handled by the NRPE cookbook. Moving this logic allows for more fined grained control of how the two services are installed and configured

Previously the Nagios server was monitored out of the box using a NRPE check. This is no longer the case since the cookbooks are split. You'll need to add a services data bag to return this functionality

RHEL now defaults to installing via packages. If you would like to continue installing via source make sure to set the installation_method attribute

node['nagios']['additional_contacts'] attribute has been removed. This was previously used for Pagerduty integration

Server setup is now handled in the nagios::default recipe vs. the nagios::server recipe. You will need to update roles / nodes referencing the old recipe

Bug

htpasswd file should be setup after Nagios has been installed to ensure the user has been created

Ensure that the Linux hostgroup still gets created even if the Nagios server is the first to come up in the environment

Correctly set the vname on RHEL/Fedora platforms for source/package installs

Set resource_dir in nagios.cfg on RHEL platforms with a new attribute

Create the archives dir in the log on source installs

Properly create the Nagios user/group on source installs

Properly set the path for the p1.pl file on RHEL platforms

Ensure that the hostgroups array doesn't include duplicates in the even that an environment and role have the same name

Only template nagios.cfg once

Fix ocsp-command typo in nagios.cfg

Fix bug that prevented Apache2 recipe from completing

Improvement

Readme cleanup

Created a new users_helper library to abstract much of the Ruby logic for building user lists out of the recipe

v5.3.4

Bug

v5.3.2

Bug

Remove a development file that was accidentally added to the community site release

v5.3.0

Breaking changes

Directories for RHEL installations have been updated to use correct RHEL directories vs. Debian directories. You may need to override these directories with the existing directories to not break existing installations on RHEL. Proceed with caution.

Bug

Cookbook no longer fails the run if a node has no roles

Cookbook no longer fails if there are no users defined in the data bag

Cookbook no longer fails if a node has no hostname

Cookbook no longer fails if the node does not have a defined OS

Fix incorrect Pagerduty key usage

Allowed NRPE hosts were not being properly determined due to bad logic and a typo

Improvement

Improve Test-Kitchen support with newer RHEL point releases, Ubuntu 13.04, and Debian 6/7

Simplified logic in web server detection for determining public domain and switches from symbols to strings throughout

New Feature

Support for Nagios host escalations via a new data bag. See the readme for additional details

New attribute node['nagios']['monitoring_interface'] to allow specifying a specific network interface's IP to monitor

You can now define the values for execute_service_checks, accept_passive_service_checks, execute_host_checks, and accept_passive_host_checks via attributes

You can now define the values for obsess_over_services and obsess_over_hosts settings via attributes

v5.2.0

Breaking changes

This release requires yum-epel, which requires the yum v3.0 cookbook. This may break other cookbooks in your environment

Bug

Improvement

Use the new monitoring-plugins.org address for the Nagios Plugins during source installs

The version of apt defined in the Berksfile is no longer constrained

Find all nodes by searching by node not hostname to workaround failures in ohai determining the hostname

New Feature

Allow defining of time periods via new data bag nagios_timeperiods. See the Readme for additional details

v5.1.0

Bug

COOK-3210 Contacts are now only written out if the contact has Nagios keys defined, which prevents e-mail-less contacts from being written out

COOK-4098 Fixed an incorrect example for using templates in the readme

Fixed a typo in the servicedependencies.cfg.erb template that resulted in hostgroup_name always being blank

Improvement

The Yum cookbook dependency has been pinned to < 3.0 to prevent breakage when the 3.0 cookbook is released

COOK-2389 The logic used to determine what IP to identify the monitored host by has been moved into the default library to simplify the hosts.cfg.erb template

A Vagrantfile has been added to allow for testing on Ubuntu 10.04/12.04 and CentOS 5.9/6.4 in multi-node setups

Chef spec tests have been added for the server

Gemfile updated to use Rubocop 0.15 and TestKitchen 1.0

COOK-3913 / COOK-3914 Source based installations now use Nagios 3.5.1 and the Nagios Plugins 1.5.0

New Feature

The names of the various data bags used in the cookbook can now be controlled with new attributes found in the server.rb attribute file

All configuration options in the cgi.cfg and nrpe.cfg files can now be controlled via attributes

COOK-3690 An intermediate SSL certificate can now be used on the web server as defined in the new attribute node['nagios']['ssl_cert_chain_file']

COOK-2732 A service can now be applied to multiple hostgroups via the data bag definition

COOK-3781 Service escalations can now be written using wildcards. See the readme for an example of this feature.

COOK-3702 Multiple PagerDuty keys for different contacts can be defined via a new nagios_pagerduty data bag. See the readme for more information on the new data bag and attributes for this feature.

COOK-3774Services can be limited to run on nagios servers in specific chef environments by adding a new "activate_check_in_environment" key to the services data bag. See the Services section of the readme for an example.

[COOK-2541] - Nagios cookbook should use node.roles instead of node.run_list.roles when calculating hostgroups

[COOK-2543] - Adds the ability to normalize hostnames to lowercase

[COOK-2450] - Add ability to define service groups through data bags.

[COOK-2642] - With multiple nagios servers, they can't use NRPE to check each other

[COOK-2613] - Install Nagios 3.5.0 when installing from source

v4.0.0

This is a major release that refactors a significant amount of the service configuration to use data bags rather than hardcoding specific checks in the templates. The README describes how to create services via data bags.

The main incompatibility and breaking change is that the default services that are monitored by Nagios is reduced to only the "check-nagios" service. This means that existing installations will need to start converting checks over to the new data bag entries.

[COOK-1553] - Nagios: check_nagios command does not work if Nagios is installed from source

[COOK-1554] - Nagios: The nagios server should be added to all relevant host groups

[COOK-1746] - nagios should provide more flexibility for server aliases

[COOK-2006] - Extract default checks out of nagios

[COOK-2129] - If a host is in the _default environment it should go into the _default hostgroup

v1.0.0

Foodcritic Metric

7.1.4 failed this metric

FC003: Check whether you are running with chef server before using server-specific features: /tmp/cook/d77b0516224ae63519996247/nagios/recipes/_load_databag_config.rb:30FC003: Check whether you are running with chef server before using server-specific features: /tmp/cook/d77b0516224ae63519996247/nagios/recipes/_load_databag_config.rb:32FC003: Check whether you are running with chef server before using server-specific features: /tmp/cook/d77b0516224ae63519996247/nagios/recipes/_load_default_config.rb:29FC003: Check whether you are running with chef server before using server-specific features: /tmp/cook/d77b0516224ae63519996247/nagios/recipes/_load_default_config.rb:31FC015: Consider converting definition to a LWRP: /tmp/cook/d77b0516224ae63519996247/nagios/definitions/nagios_conf.rb:1FC023: Prefer conditional attributes: /tmp/cook/d77b0516224ae63519996247/nagios/recipes/nginx.rb:19FC023: Prefer conditional attributes: /tmp/cook/d77b0516224ae63519996247/nagios/recipes/pagerduty.rb:76